Operating Systems: i5/OS
             Personalize the table of contents and search results

 

Enable cryptographic keys stored in hardware devices in Web Services Security

 

You can enable individual Web service applications to use cryptographic keys stored in hardware devices in Web Services Security. You must first configure the hardware acceleration device using the key management panels in the administrative console. See Configuring hardware cryptographic devices for Web Services Security

 

Procedure

  1. In the administrative console, click Servers > Application servers and then select the server name.

  2. Under Security, click Web services: default bindings for Web services security.

  3. Under Additional properties, click key locators.

  4. Select the key locator name.

  5. Under Key store, specify the name of the keystore configuration.

    If the keystore reference is specified to a hardware device configuration, the Web Services Security runtime first attempts to obtain the cryptographic algorithm from the hardware device. If the hardware device is not supported or if it fails, the runtime for Web services security obtains the cryptographic algorithm from the security providers list. See Creating a keystore configuration for more information about how to create the name of a keystore configuration.

  6. Click OK.

 

Results

If the name of the keystore reference is a Java keystore file, a hardware acceleration device that is configured at the application server level (ws-security.xml) will be used for cryptographic operations.

}

 

Related concepts


Hardware cryptographic device support for Web Services Security

 

Related tasks


Configuring hardware cryptographic devices for Web Services Security
Creating a keystore configuration
Enabling hardware cryptographic devices for Web Services Security